2
Introduction We analyze security mechanisms and the protocols at the different network layers and propose a unification of these levels using security patterns. We also develop several new patterns and study the existing patterns for this purpose

3
General Goal In this dissertation our primary aim is to unify the security functions used in different network layers through security patterns. We identify the common security components of each layer and their protocols and try to discover the existing security patterns for each of these layers and identify the missing patterns in order to develop them.

4
Specific Goals Survey the existing protocols for each of these network layers in detail such as IPSec, TLS and SAML. Survey the security mechanisms such as firewalls, IDS and VPN in detail. Survey the existing patterns for each of these security components for each of the network layers. Study the coexistence and synergy of one or more of these security components. Identify and develop the patterns yet to be developed for the security components for each of these network layers. Identify and develop the security patterns yet to be developed for protocols at these layers. Identify the relation between these patterns. Apply the newly developed patterns to a case study and study the effect of using security patterns.

5
Contributions A description of the three basic architectural layers using pattern diagrams showing the relationship between these patterns A description of the protocols to provide security for these layers using security pattern maps. An enumeration of the use cases and the security threats involved for the typical network functions. Analysis of the existing countermeasures, e.g.. firewalls, IDS, VPNs and their combinations. We will consider existing commercial products as possible sources of security patterns.

6
Contributions (Contd…) Specific patterns for the network architectural layers, their security standards, and mechanisms to defend against the identified threats. We have already published one of these [Fer05] and in the process of completing another. Helps a designer to understand a complex system and helps him to design a secure system. Validation of the approach to applying it to a SCADA system.

8
TLS/SSL Two protocols are dominant today for providing security at the transport layer: the Secure Sockets Layer (SSL) Protocol and the Transport Layer Security (TLS) Protocol. The latter is actually an IETF version of the former

10
TLS (Contd…) TLS is a connection-oriented protocol that provides a secure channel between a client and a server. TLS supports confidentiality, data integrity, and client/server authentication. The TLS handshake protocol provides a means for authentication and the negotiation of security parameters, such as the encryption algorithms, encryption keys, MAC keys, etc., that are used to transmit data securely. The TLS record protocol specifies how application data is actually transmitted between two communicating hosts so that confidentiality and data integrity are provided.

12
TLS Handshake Protocol Client/server authentication in TLS is handled in the handshake protocol. The TLS handshake has four phases. In the first phase, the client and server exchange hello messages that are used to establish security parameters used in the TLS session and settings used during the handshake, such as the key exchange algorithm.

13
TLS Handshake During the second phase, the server sends a Certificate message to the client that may include a server certificate when an RSA key exchange is used, or Diffie-Hellman parameters when a Diffie-Hellman key exchange is used. The server may also request a certificate from the client using the CertificateRequest message.

14
TLS Handshake During the third phase of the handshake, the client may send its certificate to the server in a Certificate message along with a CertificateVerify message so that the server can verify certificate ownership, if the server requested a client certificate during the second phase. The client must send either a pre- master secret encrypted using the server’s public key, or public Diffie-Hellman parameters, in the ClientKeyExchange message so that the client and server can compute a shared master secret

15
TLS Handshake In the fourth phase of the handshake, the client and server finish the handshake so that they may begin exchanging application data.

16
Example Applications protocols such as HTTP, LDAP, IMAP need to use TCP/IP to support typical application tasks such as displaying web pages or running email servers.

17
Context TCP/IP governs the transport and routing of data over the internet. We need a protocol at the transport layer to allow the server to be authenticated to the client and vice-versa and establish a secure connection between the two.

18
Forces Authenticate the server to the client Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support. Authenticate the client to the server (Optional) Use public-key encryption techniques to generate shared secrets. Establish an encrypted TLS connection.

19
Solution The server has been authenticated to the client and the client if needed is authenticated to the server and an encrypted connection is established between the server and the client.

22
Consequences Advantages –Server is authenticated. –Client also can be authenticated if needed. –We can use a strong RSA Key method for server authentication. –Once a strong hand shake is done a secure channel is established.

23
Disadvantages The server specifies a list of distinguished names of certifying authorities that the server trusts when it requests a client certificate. In contrast, the client has no such opportunity. Man in the middle attack.

24
Known Uses Any application that uses the TCP layer which uses TLS and uses the handshake protocol such as HTTP, LDAP, IMAP etc.